Short answer: a little of both, but mostly trust. The lesson from Salesforce.com is that there is no SLA buried in its subscription agreement; the uptime and security commitments live on a public “trust site” instead, which shortens the contract negotiation and builds more trust than an embedded SLA ever could.
I learned something about the Salesforce.com agreement that changed how I think about SaaS and PaaS agreements and service level agreements (SLAs): there is no SLA in the Salesforce.com agreement. What Salesforce realized, and you should remember, is that you are first and foremost selling “trust.” So it spent less time negotiating an embedded SLA and instead publicized its commitments on a trust site.
What Is a Trust Site?
A trust site is a public-facing page where you post your SLA (current and historical uptime, plus whatever metrics your customers need to trust you), your security posture, and your privacy practices. The concept is simple, but making the information public takes it to another level. It is the operational, customer-facing companion to building privacy and security in from the start (see Privacy by Design).
Why Salesforce Did It.
What I heard is that Salesforce was spending far too much time negotiating its SLA, how to measure it, how to determine and apply credits, and that was unnecessarily extending the sales cycle. So it thought harder about what customers actually want to know:
- That the vendor knows when the site has a performance issue.
- That the vendor is working to resolve it.
- That there is some notification when it is resolved.
All of that can be addressed through a trust site instead of the SaaS or PaaS agreement. That is how customers actually look at it, so you should too.
What You Can Do Now.
Look at the sample trust sites below. Yours does not have to mirror Salesforce; figure out which key metrics your customers want to see. This is not hard, and if you get it right you can spend less time negotiating your agreement while building more trust. It pairs with keeping the changeable operational detail in a policy rather than the signed contract, and with the trust signals that move a buyer’s emotional side in a SaaS negotiation.
Frequently Asked Questions.
Can I really leave the SLA out of my SaaS agreement? You can move the uptime metrics and remedies to a public trust site and keep the contract’s SLA section lean. Salesforce does essentially this. Decide deliberately what stays contractual (for example, service credits) versus what is published.
What goes on a trust site? Current and historical uptime, your security posture, and your privacy practices, plus a status/notification mechanism so customers see incidents and resolutions in real time.
Does a trust site really speed up deals? Often yes. Much SLA negotiation is the buyer trying to verify trust. Publishing the metrics answers that before legal review starts, so there is less to argue over.
So are you selling trust or SaaS? A little of both. Get the trust part right and the SaaS part gets easier.
Resources (sample trust sites):
Disclaimer:
This post is for informational and educational purposes only, and is not legal advice. You should hire an attorney if you need legal advice, which should be provided only after review of all relevant facts and applicable law.
Discover more from Aber Law Firm
Subscribe to get the latest posts sent to your email.